Embodiments of the present invention relate to computer security, and in particular, to systems and methods configured to mine security vulnerability disclosures that are available from social media.
Unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Software users desire to stay informed about security information relevant for their information technology (IT) systems. Such security information supports users in understanding security risks arising from security vulnerabilities, and helps them in protecting their systems.
Security information, however, may typically be communicated through a variety of different channels. Each such channel may offer information of different scope, quality, and/or freshness (e.g. up-to-dateness).
For example, under certain circumstances a software security vulnerability and zero-day exploit may be published by the software owner once a hacker detects and reports that vulnerability. In some cases, however, vulnerabilities are not reported directly to the software owner or to a security instance, but are instead simply published on the internet as a trophy. Sometimes, a corresponding delay between the first publication of the exploit and the official announcement of the vulnerability can open the floor to other attackers to take advantage of the vulnerability.
Accordingly, the present disclosure addresses these and other issues with systems and methods that are configured to mine security vulnerabilities available from social media.